ITSY 2430 Intrusion Detection Chapter Quiz 09 Name: __________________

advertisement
Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796
Chapter 9, Page 363
Prof. Michael P. Harris
ITSY 2430 Intrusion Detection
Name: __________________
Chapter Quiz 09
Date: ________
Chapter Review Questions, Choosing and Designing Firewalls
1. A firewall can do which of the following? (Choose all that apply.)
2. What is the primary difference between a screened host and a dual-homed
host setup?
3. A firewall is an effective standalone security solution. True or False?
4. What is the main problem with a screening router setup?
5. Name three functions that most firewalls can’t handle that need to be
performed by additional software products.
6. What enables servers in a server farm to work together to handle requests?
7. Why would a company consider the expense and extra work of purchasing
and installing clusters of servers and creating multiple DMZs?
8. Why create a protected subnet within an already protected internal
network? (Choose all that apply.)
Page 1 of 3
Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796
Chapter 9, Page 363
Prof. Michael P. Harris
9. Stateless packet filters decide whether to allow or block packets based on
which of the following?
10. A corporation with several branch offices has decided to maintain multiple
firewalls, one to protect each branch office’s network. What’s the most
efficient way to maintain these firewalls?
11. Software or hardware configured to monitor traffic from the internal
network to the Internet is called? (Choose all that apply.)
12. Which of the following is an advantage of using a software firewall rather
than a hardware firewall?
13. Which of the following is an advantage of using a hardware firewall rather
than a software firewall? (Choose all that apply.)
14. Almost every type of firewall depends on what configurable feature for its
effectiveness?
15. Given that many kinds of network traffic can pass through a network
gateway, what’s the problem with creating a long complex rule base
designed to handle every possible situation? (Choose all that apply.)
16. Where should the most important rules in a rule base go?
17. Which of the following is a guideline for developing a firewall rule base?
Page 2 of 3
Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796
Chapter 9, Page 363
Prof. Michael P. Harris
18. A firewall policy does which of the following? (Choose all that apply.)
19. A rule base should end with a(n) __________rule.
20. The rule base should allow internal clients unrestricted and
unfiltered Internet access. True or False?
Page 3 of 3
Download